Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edd1223a-6776-4911-b74c-bf19916f1367.roa
File:                     edd1223a-6776-4911-b74c-bf19916f1367.roa (raw, json)
Hash identifier:          c9x4YE/v5cpzx3PXkBwHsFsKt8z3pl4MnVd/fli2RBk=
Subject key identifier:   4C:76:E6:45:40:FB:39:D2:0C:62:4B:6D:BB:7A:D2:D2:8F:DB:25:9F
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       5EA6D1ADC0C9D913903B7D2F7178A8DB6AFE50D2
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edd1223a-6776-4911-b74c-bf19916f1367.roa
Signing time:             Mon 07 Jul 2025 17:41:42 +0000
ROA not before:           Mon 07 Jul 2025 17:41:42 +0000
ROA not after:            Mon 11 Aug 2025 23:59:59 +0000
asID:                     14618
IP address blocks:        2600:1fff:8070::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
                          rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/1ba302b8-8dab-491d-b9ed-d7c92d030d82.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/2a246947-2d62-4a6c-ba05-87187f0099b2.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5e4a23ea-e80a-403e-b08c-2171da2157d3.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3.cer
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.crl
                          rsync://rpki.arin.net/repository/arin-rpki-ta/arin-rpki-ta.mft
                          rsync://rpki.arin.net/repository/arin-rpki-ta.cer
Signature path expires:   Wed 23 Jul 2025 14:00:00 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            5e:a6:d1:ad:c0:c9:d9:13:90:3b:7d:2f:71:78:a8:db:6a:fe:50:d2
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Jul  7 17:41:42 2025 GMT
            Not After : Aug 11 23:59:59 2025 GMT
        Subject: serialNumber=a646b8e810fd49aa6dfd799b359f5826f7ea892b9f6ff8e8a0cb075b3b0481cb, CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:d4:a1:fc:fa:44:3d:8c:78:2f:24:6b:ee:e9:f8:
                    51:2b:59:99:aa:a7:d3:c7:15:e1:45:f4:49:d5:5a:
                    7c:71:a6:41:63:bd:f5:82:e4:85:3e:25:20:60:2e:
                    5a:3c:9a:1c:d7:95:97:65:b5:25:38:d4:d2:31:a3:
                    8d:ce:76:c4:93:6c:1f:40:87:54:5e:0c:03:67:2f:
                    bd:ba:92:f2:b5:94:e5:77:c4:4c:d6:42:5e:26:0a:
                    6c:28:51:61:22:1b:ca:90:cb:3e:8c:ca:fd:50:e9:
                    62:40:35:66:63:c3:ca:14:b1:35:fc:e7:d3:fb:32:
                    9f:6b:99:48:37:d1:a8:e6:91:82:3b:21:ff:6d:9f:
                    cd:7b:a9:e3:bf:c4:37:99:24:f2:46:6f:6d:08:ab:
                    eb:e2:a7:2b:26:a2:00:7a:6a:ca:69:99:d2:24:d5:
                    ad:a3:52:45:5c:74:78:cd:f8:5c:c6:36:5e:3e:51:
                    f3:c2:49:9d:4b:94:c3:c9:0f:58:50:7b:02:9b:bc:
                    67:af:10:b4:09:78:b4:aa:63:31:82:c0:87:69:f0:
                    e9:91:24:4b:fc:de:30:8f:7c:90:a1:44:58:d5:59:
                    dd:cb:04:20:09:7e:de:8e:b3:de:da:5c:2f:21:ae:
                    bc:b7:2f:ee:93:c0:1e:3e:ef:03:ab:e3:5f:05:31:
                    fa:fd
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                4C:76:E6:45:40:FB:39:D2:0C:62:4B:6D:BB:7A:D2:D2:8F:DB:25:9F
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/edd1223a-6776-4911-b74c-bf19916f1367.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv6:
                  2600:1fff:8070::/48

    Signature Algorithm: sha256WithRSAEncryption
         a0:59:0a:43:37:be:08:59:74:de:00:2b:19:b5:74:99:78:03:
         9c:46:79:18:34:2a:c1:ec:79:b2:f5:29:26:e1:b7:ba:e8:22:
         05:06:19:ba:28:52:82:3f:6b:36:5a:9d:cf:87:bb:43:7b:db:
         b7:69:11:2b:d2:86:f8:e2:4e:fa:42:c3:78:76:f3:b7:fd:57:
         c1:6d:13:b2:3b:bb:a3:fe:e6:26:06:89:92:ac:67:40:cb:bf:
         81:88:f8:dc:4e:bb:c2:7a:68:d7:1b:3a:4e:47:99:e9:d7:29:
         80:78:71:f9:4b:11:2c:a5:87:25:71:f4:19:ec:58:b8:75:00:
         a5:20:cf:79:fd:c6:49:dd:76:b4:57:44:ef:c7:89:2f:5d:0c:
         ca:e2:61:28:17:84:cb:0d:0d:9b:13:14:73:e3:71:8f:f8:48:
         6d:2a:42:a2:f8:59:d4:c7:a8:ef:a0:64:4a:ec:fe:05:b6:20:
         26:bc:ba:c6:0e:29:45:8a:8f:fc:8e:4a:e4:04:5a:d4:fd:e3:
         32:e7:95:4f:a7:b7:de:63:c6:80:ee:a3:ff:94:11:47:5b:07:
         af:68:d8:9a:5c:b2:15:f7:30:fe:11:f8:a3:b9:c5:a1:60:c8:
         01:e3:5e:2a:dc:a3:86:84:56:98:d7:c2:d7:0b:50:df:a5:7b:
         26:a8:3d:90
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUXqbRrcDJ2ROQO30vcXio22r+UNIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNzA3MTc0MTQyWhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjQ2YjhlODEwZmQ0OWFhNmRmZDc5OWIzNTlmNTgyNmY3
ZWE4OTJiOWY2ZmY4ZThhMGNiMDc1YjNiMDQ4MWNiMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDUofz6RD2MeC8ka+7p+FErWZmqp9PHFeFF9EnVWnxxpkFj
vfWC5IU+JSBgLlo8mhzXlZdltSU41NIxo43OdsSTbB9Ah1ReDANnL726kvK1lOV3
xEzWQl4mCmwoUWEiG8qQyz6Myv1Q6WJANWZjw8oUsTX859P7Mp9rmUg30ajmkYI7
If9tn817qeO/xDeZJPJGb20Iq+vipysmogB6asppmdIk1a2jUkVcdHjN+FzGNl4+
UfPCSZ1LlMPJD1hQewKbvGevELQJeLSqYzGCwIdp8OmRJEv83jCPfJChRFjVWd3L
BCAJft6Os97aXC8hrry3L+6TwB4+7wOr418FMfr9AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUTHbmRUD7OdIMYkttu3rS0o/bJZ8wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2VkZDEyMjNhLTY3NzYtNDkxMS1iNzRjLWJmMTk5MTZmMTM2Ny5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAB//gHAwDQYJKoZIhvcNAQELBQADggEBAKBZCkM3vghZdN4AKxm1dJl4
A5xGeRg0KsHsebL1KSbht7roIgUGGbooUoI/azZanc+Hu0N727dpESvShvjiTvpC
w3h287f9V8FtE7I7u6P+5iYGiZKsZ0DLv4GI+NxOu8J6aNcbOk5HmenXKYB4cflL
ESylhyVx9BnsWLh1AKUgz3n9xknddrRXRO/HiS9dDMriYSgXhMsNDZsTFHPjcY/4
SG0qQqL4WdTHqO+gZErs/gW2ICa8usYOKUWKj/yOSuQEWtT94zLnlU+nt95jxoDu
o/+UEUdbB69o2JpcshX3MP4R+KO5xaFgyAHjXirco4aEVpjXwtcLUN+leyaoPZA=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:53:33 2025 by rpki-client